Google Chrome users warned to ‘update’ browser immediately for ‘high threat’

Millions of Google Chrome users have been warned they need to update an app now after a “high level” bug was discovered. Google researchers have discovered a serious security threat, CVE identifier CVE-2024-5274, which is a type of confusion bug in the V8 JavaScript engine and WebAssembly.

The issue was reported by the Google Threat Analysis team and Chrome Security on May 20. The security breach caused an “out-of-bounds memory access” issue in Chrome’s V8 JavaScript engine and was already being actively exploited before Google patched it.

Experts have now urged Google Chrome users to upgrade to Chrome version 125.0.6422.112/.113 for Windows and macOS and to version 125.0.6422.112 for Linux to mitigate the potential threats. The vulnerabilities are caused by a Type Confusion bug in the V8 JavaScript engine and also affect other Chromium-based browsers, including Microsoft Edge.

READ MORE Britons in Spain and Portugal told to brace for ‘dramatic’ change from today

Successful exploitation of the vulnerabilities could allow an attacker to execute remote code via a malicious HTML page. Google confirmed: “The Stable channel has been updated to 125.0.6422.112/.113 for Windows, Mac and 125.0.6422.112 for Linux, which will be released in the coming days/weeks. A full list of changes in this release is available in Log.

“Note: Access to bug details and links may be kept restricted until most users are updated with a fix. We’ll also keep restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet. fixed.

“Google knows an exploit for CVE-2024-5274 exists in the wild.” It went on to add, as it urged Chrome users to update their browsers immediately after this week’s threat: “We’d also like to thank all the security researchers who worked with us during the development cycle to prevent security to ever reach the stable channel. .”